SFP Secondary Cluster: Exposed Data
A category in the Common Weakness Enumeration published by The MITRE Corporation.
Summary
Categories in the Common Weakness Enumeration (CWE) group entries based on some common characteristic or attribute.
This category identifies Software Fault Patterns (SFPs) within the Exposed Data cluster (SFP23).
Weaknesses
The product defines a public method that reads or modifies a private variable.
Debugging messages help attackers learn about the system and plan a form of attack.
An ASP.NET application must enable custom error pages in order to prevent attackers from mining information from the framework's built-in responses.
Storing a plaintext password in a configuration file allows anyone who can read the file access to the password-protected resource making them an easy target for attac...
The product stores sensitive information in cleartext in a file, or on disk.
The product stores sensitive information in cleartext in the registry.
The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.
The product stores sensitive information in cleartext in a cookie.
The product uses an environment variable to store unencrypted sensitive information.
The product stores sensitive information in cleartext in an executable.
The product stores sensitive information in cleartext within the GUI.
The product stores sensitive information in cleartext in memory.
The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.
The code contains a class with sensitive data, but the class is cloneable. The data can then be accessed by cloning the class.
Sensitive memory is cleared according to the source code, but compiler optimizations leave the memory untouched when it is not read from again, aka "dead store removal."
The product stores access control list files in a directory or other container that is accessible to actors outside of the intended control sphere.
A backup file is stored in a directory or archive that is made accessible to unauthorized actors.
The product generates a core dump file in a directory, archive, or other resource that is stored, transferred, or otherwise made accessible to unauthorized actors.
A process does not close sensitive file descriptors before invoking a child process, which allows the child to perform unauthorized I/O operations using those descript...
A directory listing is inappropriately exposed, yielding potentially sensitive information to attackers.
A command shell error message indicates that there exists an unhandled exception in the web application code. In many cases, an attacker can leverage the conditions th...
The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.
The product's intended functionality exposes information to certain actors in accordance with the developer's security policy, but this information is regarded as sens...
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
The product does not properly prevent sensitive system-level information from being accessed by unauthorized actors who do not have the same level of access to the und...
The product stores a CVS, git, or other repository in a directory, archive, or other resource that is stored, transferred, or otherwise made accessible to unauthorized...
The product stores security-critical state information about its users, or the product itself, in a location that is accessible to unauthorized actors.
The product performs an operation that triggers an external diagnostic or error message that is not directly generated or controlled by the product, such as an error g...
The product makes files or directories accessible to unauthorized actors, even though they should not be.
The product generates an error message that includes sensitive information about its environment, users, or associated data.
The product creates a search index of private or sensitive documents, but it does not properly limit index access to actors who are authorized to see the original info...
Using realloc() to resize buffers that store sensitive information can leave the sensitive information exposed to attack, because it is not removed from memory.
The product does not neutralize or incorrectly neutralizes output that is written to logs.
The product stores, transfers, or shares a resource that contains sensitive information, but it does not properly remove that information before the product makes the ...
If an include file source is accessible, the file can contain usernames and passwords, as well as sensitive information pertaining to the application and system.
Source code on a web server or repository often contains sensitive information and should generally not be accessible to users.
While adding general comments is very useful, some programmers tend to leave important data, such as: filenames related to the web application, old links or links whic...
The product does not properly transfer a resource/behavior to another sphere, or improperly imports a resource/behavior from another sphere, in a manner that provides ...
The product inserts sensitive information into debugging code, which could expose this information if the debugging code is not disabled in production.
The product places sensitive information into files or directories that are accessible to actors who are allowed to have access to the files, but not to the sensitive ...
Information written to log files can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information.
The code transmits data to another actor, but a portion of the data includes sensitive information that should not be accessible to that actor.
The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.
A process is invoked with sensitive command-line arguments, environment variables, or other elements that can be seen by other processes on the operating system.
Information sent over a network can be compromised while in transit. An attacker may be able to read or modify the contents if the data are sent in plaintext or are we...
When an application exposes a remote interface for an entity bean, it might also expose methods that get or set the bean's data. These methods could be leveraged to re...
The default error page of a web application should not display sensitive information about the product.
The J2EE application stores a plaintext password in a configuration file.
In many cases, an attacker can leverage the conditions that cause unhandled exception errors in order to gain unauthorized access to the system.
The product does not return custom error pages to the user, possibly exposing sensitive information.
The product does not encrypt sensitive or critical information before storage or transmission.
The product sends non-cloned mutable data as an argument to a method or function.
The product stores a password in a configuration file that might be accessible to actors who do not know the password.
Storing a password in plaintext may result in a system compromise.
The product has a method that is declared public, but returns a reference to a private data structure, which could then be modified in unexpected ways.
A public or protected static final field references a mutable object, which allows the object to be changed by malicious code, or accidentally from another package.
Sending non-cloned mutable data as a return value may result in that data being altered or deleted by the calling function.
The product identifies an error condition and creates its own diagnostic or error messages that contain sensitive information.
The product stores sensitive data in memory that is not locked, or that has been incorrectly locked, which might cause the memory to be written to swap files on disk b...
The product releases a resource such as memory or a file so that it can be made available for reuse, but it does not clear or "zeroize" the information contained in th...
The code contains a class with sensitive data, but the class does not explicitly deny serialization. The data can be accessed by serializing the class through another ...
Certain conditions, such as network failure, will cause a server error message to be displayed.
A servlet error message indicates that there exists an unhandled exception in your web application code and may provide useful information to an attacker.
The product stores sensitive data under the FTP server root with insufficient access control, which might make it accessible to untrusted parties.
The product stores sensitive data under the web document root with insufficient access control, which might make it accessible to untrusted parties.
The storage of passwords in a recoverable format makes them subject to password reuse attacks by malicious users. In fact, it should be noted that recoverable encrypte...
The code contains comments that suggest the presence of bugs, incomplete functionality, or weaknesses.
The product makes resources available to untrusted parties when those resources are only intended to be accessed by the product.
The product mixes trusted and untrusted data in the same data structure or structured message.
The product stores raw content or supporting code under the web document root with an extension that is not specifically handled by the server.
Login pages do not use adequate measures to protect the user name and password while they are in transit from the client to the server.
The web application uses the HTTP GET method to process a request and includes sensitive information in the query string of that request.
The web application uses persistent cookies, but the cookies contain sensitive information.
Concepts
CWE identifiers in this view are associated with clusters of Software Fault Patterns (SFPs).